CVE-2023-47634
CVSS 3.1 Score 3.1 of 10 (low)
Details
Published Feb 29, 2024
CWE ID 362
Summary
CVE-2023-47634 affects Decidim, a participatory democracy framework. In versions starting from 0.10.0 and prior to 0.26.9, 0.27.5, and 0.28.0, a race condition exists in the endorsement of resources that lets users submit multiple endorsements in parallel. Exploiting the vulnerability requires sending the request to set an endorsement repeatedly. The issue is patched in versions 0.26.9, 0.27.5, and 0.28.0. As a temporary workaround, disable the Endorsement feature in the components.